CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2197
https://notcve.org/view.php?id=CVE-2014-2197
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862. La interfaz gráfica de usuario (GUI) Administration en el Framework web en Cisco Unified Communications Domain Manager (CDM) en Unified CDM Application Software anterior a 8.1.4 no implementa debidamente el control de acceso, lo que permite a usuarios remotos autenticados modificar las credenciales administrativas a través de una URL manipulada, también conocido como Bug ID CSCun49862. • http://secunia.com/advisories/59573 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689 http://www.securityfocus.com/bid/68333 http://www.securitytracker.com/id/1030515 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2014-3300 – Viproy CUCDM IP Phone XML Services Call Forwarding Tool
https://notcve.org/view.php?id=CVE-2014-3300
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041. El portal BVSMWeb en el Framework web en Cisco Unified Communications Domain Manager (CDM) en Unified CDM Application Software anterior a 10 no implementa debidamente el control de acceso, lo que facilita a atacantes remotos modificar información de usuario a través de una URL manipulada, también conocido como Bug ID CSCum77041. • http://secunia.com/advisories/59556 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689 http://www.securityfocus.com/bid/68331 http://www.securitytracker.com/id/1030515 - • CWE-264: Permissions, Privileges, and Access Controls •